When it came to ransomware in 2022, data from our 2022 State of Ransomware report showed that the retail sector ransomware attacks experienced a massive 67% increase over 2021. Shocking figures indeed, but it’s worth noting that the increase over 2020 was a whopping 233%. Many big name brands fell victim to ransomware last year, was it low hanging fruit for attackers or a lucrative target?
When it came to the variants behind the incidents, Hive claimed 3 of the publicized attacks while 11 of the recorded attacks had no claim of responsibility against them, despite the large-scale organizations being attacked. Snatch made headlines by adding McDonalds and UK based Daylesford Organics to their victims list. While their attack on McDonalds saw 500GB of data stolen and a “shields up” alert issued by CISA to all US organizations. The Daylesford incident exposed data of a number of high profile UK celebrities.
Europe was the most targeted region with 30% of all publicly disclosed retail attacks, closely followed by the UK and US. Other large retailers included Canadian food retail giant Sobeys, Moroccan and Kuwait branches of IKEA and Spinneys a chain of supermarkets in Dubai.
High Value Targets
Ransom demands were extremely varied, with a large difference noted between various attacks. Esquimal in Mexico received a demand of €3000 for 77,000 pieces of customer information while at the other end of the scale, Walmartwas given a ransom of $55million and UK car dealer Pendragon was hit with a record breaking £60million ransom demand.
Retailers are often seen as high value targets because downtime is so detrimental to their business and they have a wealth of customer data worth exfiltrating. When it came to disruption, this was certainly felt by French retailer Intersport who were unable to complete instore sales on Black Friday as a result of a cyberattack by the Hive group. Online retailers are hit even harder by attacks as threat actors can stop their sales entirely. An example of this last year was Funky Pigeon, a UK online gift card retailer who was forced to shut down systems and temporarily suspend operations following an attack in April.
The competitive nature of this sector also creates problems for retailers. According to a report by Arcserve, 59% of customers would likely avoid doing business with an organization who had experienced a cyberattack in the past year.
Cybersecurity Investment Lacking
While the retail sector as a whole does seem to be implementing more tools to protect themselves against cyberattacks, many are still being targeted due to their lack of protection. Threat actors who attacked both Esquimal, a Mexican clothing retailer, and French furniture retailer Conformara, commented on the low level of security and data protection at both organizations. With catastrophic consequences resulting from these attacks, it is surprising that many large organizations, not just in retail, are failing to prioritize cybersecurity.
According to Sophos, cyber insurance is also causing issues for the retail sector with 41% of retailers saying that fewer insurance providers are offering cover at affordable prices. This makes it more difficult for retailers, especially smaller ones, to get insurance to help combat the rising number of attacks and the size of ransom demands.
With the number of attacks rising substantially in this sector over the last two years, will this trend continue in 2023? Allocating investment to bolster their basic cybersecurity defenses and adopt third generation cybersecurity solutions is essential for retailers to protect their customer data and avoid being 2023 ransomware news.
Related Posts
CDK Global Ransomware: What Happened and How It Impacted Businesses
Here you will learn about the CDK Global ransomware attack, the impact on auto dealerships, relevant recovery steps and general cybersecurity practices for businesses.
Ransomware Containment: Effective Strategies to Protect Your Business
Discover effective ransomware containment strategies for your business. This guide discusses network segmentation, zero trust, and practical best practices for IT managers and cybersecurity professionals to reduce ransomware damage.
Ransomware Meets Retail: Sainsbury’s, Starbucks and Morrisons Feel the Heat from Blue Yonder Attack
The Blue Yonder ransomware attack disrupted major retailers like Sainsbury’s, Starbucks, and Morrisons, highlighting the vulnerabilities of global supply chains and the urgent need for stronger cybersecurity defenses.
Top 5 Cyberattacks During Black Friday and Thanksgiving
Find out about the top five biggest cyberattacks for Black Friday and Thanksgiving, from data breaches and ransomware, to see the risks businesses experience during the holidays.
Healthcare Ransomware Attacks: How to Prevent and Respond Effectively
Learn how to protect yourself from healthcare ransomware attacks. We discuss the main security weaknesses, suggest security steps, and offer possible means of protecting patient information.
Everything That You Need to Know About the Dark Web and Cybercrime
Learn about the dark web, including who uses it, how it operates, and what tools cybercriminals obtain on it. Find out how BlackFog monitors networks, forums, and ransomware leak sites in order to stay ahead of new threats.